Friday, August 12, 2011

what is CVSS perfect score 10 ( perfect storm)

actually it's pretty difficult to have CVSS perfect 10.
the exploit must be from remote, easy to implement, does not require authentication, the impact must be complete confidential&integrity&availability, the damage must be catastrophic & very vulnerable, for a system that requires high confidential&integrity&availability...

you can try it yourself:
http://nvd.nist.gov/cvss.cfm?calculator&version=2